mdre83 Posted September 17, 2009 Share Posted September 17, 2009 Hi, I have one slight problem, I'm setting up a sign_up process. The confirmation email is received fine however, when clicking the link to activate the account, all I receive is a blank screen. I cannot see where I may have gone wrong. It's resolution is probably looking straight at me. I've checked that the passkey appears in the temp members DB, which is fine. Do you have any ideas what could be going wrong? Here are the scripts... signup_ac.php Confirmation.php config.php Any help is appreciated. Cheers, Martin Quote Link to comment Share on other sites More sharing options...
MadTechie Posted September 18, 2009 Share Posted September 18, 2009 Check your databases are setup correctly, check the table exists (see Line 28 of Confirmation.php) PS Pleasee use the code tags instead of images, as normally I would ignore this post for having an image for the code! Quote Link to comment Share on other sites More sharing options...
mdre83 Posted September 18, 2009 Author Share Posted September 18, 2009 MadTechie, Thanks for the reply. Form what I can see, the DBs are setup correctly. The websmart_registeredmembers table does exist under a separate DB to the temp members one. I'm new to all this, so I may be missing something very simple. I've included the code again below and ill remove the above images <? include('config.php'); // table name $tbl_name=websmart_tempmembersdb; // Random confirmation code $confirm_code=md5(uniqid(rand())); // values sent from form $name=$_POST['name']; $email=$_POST['email']; $country=$_POST['country']; // Insert data into database $sql="INSERT INTO $tbl_name(confirm_code, name, email, password, country)VALUES('$confirm_code', '$name', '$email', '$password', '$country')"; $result=mysql_query($sql); // if suceesfully inserted data into database, send confirmation link to email if($result){ // ---------------- SEND MAIL FORM ---------------- // send e-mail to ... $to=$email; // Your subject $subject="Websmartin confirmation link here"; // From $header="from: Websmartin.co.uk"; // Your message $message="Your Comfirmation link \r\n"; $message.="Click on the below link to activate your account \r\n";<br> $message.="http://www.websmartin.co.uk/confirmation.php?passkey=$confirm_code";<br><br> $message.="Kinds regards,"<br> $message.="Websmartin" // send email $sentmail = mail($to,$subject,$message,$header); } // if not found else { echo "Not found your email in our database"; } // if your email succesfully sent if($sentmail){ echo "Your Confirmation link Has Been Sent To Your Email Address<br>Please close this window."; } else { echo "Cannot send Confirmation link to your e-mail address"; } ?> <? include('config.php'); // Passkey that got from link $passkey=$_GET['passkey']; $tbl_name1="websmart_tempmembersdb"; // Retrieve data from table where row that match this passkey $sql1="SELECT * FROM $tbl_name1 WHERE confirm_code ='$passkey'"; $result1=mysql_query($sql1); // If successfully queried if($result1){ // Count how many row has this passkey $count=mysql_num_rows($result1); // if found this passkey in our database, retrieve data from table "websmart_tempmembersdb" if($count==1){ $rows=mysql_fetch_array($result1); $name=$rows['name']; $email=$rows['email']; $password=$rows['password']; $country=$rows['country']; $tbl_name2="websmart_registeredmembers"; // Insert data that retrieves from "websmart_tempmembersdb" into table "websmart_registeredmembers" $sql2="INSERT INTO $tbl_name2(name, email, password, country)VALUES('$name', '$email', '$password', '$country')"; $result2=mysql_query($sql2); } // if not found passkey, display message "Wrong Confirmation code" else { echo "Wrong Confirmation code"; } // if successfully moved data from table "websmart_tempmembersdb" to table "registered_members" displays message "Your account has been activated" and don't forget to delete confirmation code from table "temp_members_db" if($result2){ echo "Your account has been activated"; // Delete information of this user from table "websmart_tempmembersdb" that has this passkey $sql3="DELETE FROM $tbl_name1 WHERE confirm_code = '$passkey'"; $result3=mysql_query($sql3); } } ?> <? $host="localhost"; // Host name $username="*****"; // Mysql username $password="****"; // Mysql password $db_name="websmart_tempmembersdb"; // Database name //Connect to server and select database. mysql_connect("$host", "$username", "$password")or die("cannot connect to server"); mysql_select_db("$db_name")or die("cannot select DB"); ?> Quote Link to comment Share on other sites More sharing options...
MadTechie Posted September 18, 2009 Share Posted September 18, 2009 backup your current Confirmation.php and try this one instead, i have added some debugging, and some markers <?php include('config.php'); // Passkey that got from link $passkey=$_GET['passkey']; $tbl_name1="websmart_tempmembersdb"; // Retrieve data from table where row that match this passkey $sql1="SELECT * FROM $tbl_name1 WHERE confirm_code ='$passkey'"; $result1=mysql_query($sql1) or die($sql1.mysql_error()); echo "#1: \n<br>"; // If successfully queried if($result1){ // Count how many row has this passkey $count=mysql_num_rows($result1); echo "#2: \n<br>"; // if found this passkey in our database, retrieve data from table "websmart_tempmembersdb" if($count==1){ $rows=mysql_fetch_array($result1); $name=$rows['name']; $email=$rows['email']; $password=$rows['password']; $country=$rows['country']; $tbl_name2="websmart_registeredmembers"; // Insert data that retrieves from "websmart_tempmembersdb" into table "websmart_registeredmembers" $sql2="INSERT INTO $tbl_name2(name, email, password, country)VALUES('$name', '$email', '$password', '$country')"; $result2=mysql_query($sql2)or die($sql2.mysql_error()); } // if not found passkey, display message "Wrong Confirmation code" else { echo "Wrong Confirmation code"; } echo "#3: \n<br>"; // if successfully moved data from table "websmart_tempmembersdb" to table "registered_members" displays message "Your account has been activated" and don't forget to delete confirmation code from table "temp_members_db" if($result2){ echo "Your account has been activated"; // Delete information of this user from table "websmart_tempmembersdb" that has this passkey $sql3="DELETE FROM $tbl_name1 WHERE confirm_code = '$passkey'"; $result3=mysql_query($sql3)or die($sql3.mysql_error()); } } ?> please note your code is vulnerable to SQL injections (we will get back to that) Quote Link to comment Share on other sites More sharing options...
mdre83 Posted September 18, 2009 Author Share Posted September 18, 2009 I now receive the following message... (**** replaces email address and password) #1: #2: INSERT INTO websmart_registeredmembers(name, email, password, country)VALUES('martinAndrews', '****', '****', 'UK')Table 'websmart_tempmembersdb.websmart_registeredmembers' doesn't exist SQL injection... ? Quote Link to comment Share on other sites More sharing options...
MadTechie Posted September 18, 2009 Share Posted September 18, 2009 As i said websmart_registeredmembers doesn't exist! can you give me an idea how your database are setup, as the code suggests 2 different things 1. 2 tables websmart_registeredmembers and websmart_tempmembersdb 2. 2 databases, both with websmart_registeredmembers Quote Link to comment Share on other sites More sharing options...
mdre83 Posted September 18, 2009 Author Share Posted September 18, 2009 I created two DBs 1. websmart_tempmembersdb which contains the table also named websmart_tempmembersdb 2. websmart_registeredmembers which also contain a table named websmart_registeredmembers As I say I'm a complete novice in this... as you can see Quote Link to comment Share on other sites More sharing options...
mdre83 Posted September 18, 2009 Author Share Posted September 18, 2009 This is where I got the codes from however, I made slight adjustments to my code regarding table names and text. Quote Link to comment Share on other sites More sharing options...
MadTechie Posted September 18, 2009 Share Posted September 18, 2009 Where did you get it ? also why do you want a temporary database for unactivated people ? Quote Link to comment Share on other sites More sharing options...
mdre83 Posted September 18, 2009 Author Share Posted September 18, 2009 sorry forgot to paste in link. This is where I got the codes from http://www.phpeasystep.com/phptu/6.html the temp DB holds those that are not yet activated, then once the activation link is clicked it transfers the data to the registered members DB :S When I have this issue fixed I would then need to use a sign-in script but to then allow registered users to my site. This will be another stumbling block for me. I really appreciated all your help in this. Maybe I should give up on PHP already This is my first real attempt at it. Quote Link to comment Share on other sites More sharing options...
mdre83 Posted September 18, 2009 Author Share Posted September 18, 2009 This is the other 'tutorial' I used... http://www.phpeasystep.com/mysql/2.html Quote Link to comment Share on other sites More sharing options...
MadTechie Posted September 18, 2009 Share Posted September 18, 2009 try these updates <?php $host="localhost"; // Host name $username="*****"; // Mysql username $password="****"; // Mysql password $db_name="websmart_registeredmembers"; // Main Database name $db_tempname="websmart_tempmembersdb"; // Temp Database name //Connect to server and select database. mysql_connect("$host", "$username", "$password")or die("cannot connect to server"); mysql_select_db("$db_name")or die("cannot select DB"); ?> <?php include('config.php'); // Passkey that got from link $passkey=$_GET['passkey']; $tbl_name1="websmart_tempmembersdb"; mysql_select_db($db_tempname)or die("cannot select temp DB"); // Retrieve data from table where row that match this passkey $sql1="SELECT * FROM $tbl_name1 WHERE confirm_code ='$passkey'"; $result1=mysql_query($sql1) or die($sql1.mysql_error()); // If successfully queried if($result1){ // Count how many row has this passkey $count=mysql_num_rows($result1); // if found this passkey in our database, retrieve data from table "websmart_tempmembersdb" if($count==1){ $rows=mysql_fetch_array($result1); $name=$rows['name']; $email=$rows['email']; $password=$rows['password']; $country=$rows['country']; $tbl_name2="websmart_registeredmembers"; mysql_select_db($db_name)or die("cannot select main DB"); // Insert data that retrieves from "websmart_tempmembersdb" into table "websmart_registeredmembers" $sql2="INSERT INTO $tbl_name2(name, email, password, country)VALUES('$name', '$email', '$password', '$country')"; $result2=mysql_query($sql2)or die($sql2.mysql_error()); } // if not found passkey, display message "Wrong Confirmation code" else { echo "Wrong Confirmation code"; } // if successfully moved data from table "websmart_tempmembersdb" to table "registered_members" displays message "Your account has been activated" and don't forget to delete confirmation code from table "temp_members_db" if($result2){ echo "Your account has been activated"; mysql_select_db($db_tempname)or die("cannot select temp DB"); // Delete information of this user from table "websmart_tempmembersdb" that has this passkey $sql3="DELETE FROM $tbl_name1 WHERE confirm_code = '$passkey'"; $result3=mysql_query($sql3)or die($sql3.mysql_error()); } } ?> Quote Link to comment Share on other sites More sharing options...
mdre83 Posted September 18, 2009 Author Share Posted September 18, 2009 I now receive... 'Cannot sleect DB' Which appears to be coming from signup-ac.php. I've included the code for this below <? include('config.php'); // table name $tbl_name=websmart_tempmembersdb; // Random confirmation code $confirm_code=md5(uniqid(rand())); // values sent from form $name=$_POST['name']; $email=$_POST['email']; $country=$_POST['country']; // Insert data into database $sql="INSERT INTO $tbl_name(confirm_code, name, email, password, country)VALUES('$confirm_code', '$name', '$email', '$password', '$country')"; $result=mysql_query($sql); // if suceesfully inserted data into database, send confirmation link to email if($result){ // ---------------- SEND MAIL FORM ---------------- // send e-mail to ... $to=$email; // Your subject $subject="Websmartin confirmation link here"; // From $header="from: Websmartin.co.uk"; // Your message $message="Your Comfirmation link \r\n"; $message.="Click on the below link to activate your account \r\n";<br> $message.="http://www.websmartin.co.uk/confirmation.php?passkey=$confirm_code";<br><br> $message.="Kinds regards,"<br> $message.="Websmartin" // send email $sentmail = mail($to,$subject,$message,$header); } // if not found else { echo "Not found your email in our database"; } // if your email succesfully sent if($sentmail){ echo "Your Confirmation link Has Been Sent To Your Email Address<br>Please close this window."; } else { echo "Cannot send Confirmation link to your e-mail address"; } ?> Quote Link to comment Share on other sites More sharing options...
MadTechie Posted September 18, 2009 Share Posted September 18, 2009 okay I just reviewed all of the code, (didn't test it as I don't have the database and i'm too lazy to setup one ) here's an update <?php //Config.php $host="localhost"; // Host name $username="*****"; // Mysql username $password="****"; // Mysql password $db_name="websmart_registeredmembers"; // Main Database name $db_tempname="websmart_tempmembersdb"; // Temp Database name $tbl_tempname="websmart_tempmembersdb"; $tbl_membername="websmart_registeredmembers"; //Connect to server and select database. mysql_connect("$host", "$username", "$password")or die("cannot connect to server"); //mysql_select_db("$db_name")or die("cannot select DB"); ?> <?php //signup-ac.php include('config.php'); // Random confirmation code $confirm_code=md5(uniqid(rand())); // values sent from form $name=$_POST['name']; $email=$_POST['email']; $country=$_POST['country']; // Insert data into database $sql=sprintf("INSERT INTO $db_tempname.$tbl_tempname (confirm_code, name, email, password, country)VALUES('%s', '%s', '%s', '%s', '%s')", $confirm_code,mysql_real_escape_string($name), mysql_real_escape_string($email), mysql_real_escape_string($password), mysql_real_escape_string($country)); $result=mysql_query($sql); // if suceesfully inserted data into database, send confirmation link to email if($result){ // ---------------- SEND MAIL FORM ---------------- // send e-mail to ... $to=$email; // Your subject $subject="Websmartin confirmation link here"; // From $header="from: Websmartin.co.uk"; // Your message $message="Your Comfirmation link \r\n"; $message.="Click on the below link to activate your account \r\n"; $message.="http://www.websmartin.co.uk/confirmation.php?passkey=$confirm_code"; $message.="Kinds regards,"; $message.="Websmartin"; // send email $sentmail = mail($to,$subject,$message,$header); }else { echo "Not found your email in our database"; } // if your email succesfully sent if($sentmail){ echo "Your Confirmation link Has Been Sent To Your Email Address<br>Please close this window."; }else { echo "Cannot send Confirmation link to your e-mail address"; } ?> <?php //Confirmation.php include('config.php'); // Passkey that got from link $passkey=$_GET['passkey']; // Retrieve data from table where row that match this passkey $sql1=sprintf("SELECT * FROM $db_tempname.$tbl_tempname WHERE confirm_code ='%s'",mysql_real_escape_string($passkey)); $result1=mysql_query($sql1) or die($sql1.mysql_error()); // If successfully queried if($result1){ // Count how many row has this passkey $count=mysql_num_rows($result1); // if found this passkey in our database, retrieve data from table "websmart_tempmembersdb" if($count==1){ $rows=mysql_fetch_array($result1); $name=$rows['name']; $email=$rows['email']; $password=$rows['password']; $country=$rows['country']; // Insert data that retrieves from "websmart_tempmembersdb" into table "websmart_registeredmembers" $sql2=sprintf("INSERT INTO $db_name.$tbl_membername(name, email, password, country)VALUES('%s', '%s', '%s', '%s')", mysql_real_escape_string($name), mysql_real_escape_string($email), mysql_real_escape_string($password), mysql_real_escape_string($country)); $result2=mysql_query($sql2)or die($sql2.mysql_error()); } // if not found passkey, display message "Wrong Confirmation code" else { echo "Wrong Confirmation code"; } // if successfully moved data from table "websmart_tempmembersdb" to table "registered_members" displays message "Your account has been activated" and don't forget to delete confirmation code from table "temp_members_db" if($result2){ echo "Your account has been activated"; // Delete information of this user from table "websmart_tempmembersdb" that has this passkey $sql3=sprintf("DELETE FROM $db_tempname.$tbl_tempname WHERE confirm_code = '%s'",mysql_real_escape_string($passkey)); $result3=mysql_query($sql3)or die($sql3.mysql_error()); } } ?> EDIT: oops updated confirmation.php changed $db_tempname to $db_name updated to // Insert data that retrieves from "websmart_tempmembersdb" into table "websmart_registeredmembers" $sql2=sprintf("INSERT INTO $db_name.$tbl_membername(name, email, password, country)VALUES('%s', '%s', '%s', '%s')", mysql_real_escape_string($name), mysql_real_escape_string($email), mysql_real_escape_string($password), mysql_real_escape_string($country)); $result2=mysql_query($sql2)or die($sql2.mysql_error()); Quote Link to comment Share on other sites More sharing options...
mdre83 Posted September 18, 2009 Author Share Posted September 18, 2009 HAHA, Cheers mate. Unfortunately I have to dash out, will test the scripts a little later and report back. Many thanks for your help so far, really appreciate it. My next step would be to only to have members sign up for access to part of the site. Speak soon Quote Link to comment Share on other sites More sharing options...
mdre83 Posted September 18, 2009 Author Share Posted September 18, 2009 Couldn't resist doing a quick test before I dash out... Scripts seem to be working spot on now mate Much appreciated, your skills are second to none! I will report back later regarding my next step in the process as mentioned above Quote Link to comment Share on other sites More sharing options...
MadTechie Posted September 18, 2009 Share Posted September 18, 2009 This is the other 'tutorial' I used... http://www.phpeasystep.com/mysql/2.html I had a quick read, it okay but was probably written is PHP4 (or by a PHP 4 developer) php 5 is a standard and 6 is out soon. for example session_is_registered() & session_register() has been DEPRECATED as of PHP 5.3.0 and REMOVED as of PHP 6.0.0. Relying on this feature is highly discouraged. InFact Use of $_SESSION was preferred, as of PHP 4.1.0 so change session_is_registered('whatever') to isset($_SESSION['whatever']) and session_register("whatever"); to $_SESSION['whatever'] = $whatever; however session_start(); must be called at the start, so add that to the start of checklogin.php login_success.php has it already here's some code you could add for a members only page (after that tut) <?php stsession_start(); if(!isset($_SESSION['myusername'])) { die("Ahhha a guest.. Go away!"); } echo "Hello ".$_SESSION['myusername']; ?> Quote Link to comment Share on other sites More sharing options...
mdre83 Posted September 21, 2009 Author Share Posted September 21, 2009 Hi Richard (madtechie) Been a little busy since my last post. ok so, the sign up process scripts and now working, many thanks for that This may seem like a stupid question (I'm a novice in PHP) The memonly script, should this be added to the html of those pages that are only to be viewed by registered members? Will this prompt them with the login box? :-\ Quote Link to comment Share on other sites More sharing options...
MadTechie Posted September 21, 2009 Share Posted September 21, 2009 Yes you can put that at the top of any page which is for members only, i have made a one line update, that will redirect guest to login.php (update as you see fit) <?php stsession_start(); if(!isset($_SESSION['myusername'])) { //die("Ahhha a guest.. Go away!"); header("Location: login.php"); } echo "Hello ".$_SESSION['myusername']; ?> Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.